OBSOLETE Patch-ID# 138875-05
Download this patch from My Oracle Support
Your use of the firmware, software and any other materials contained
in this update is subject to My Oracle Support Terms of Use, which
may be viewed at My Oracle Support.
|
For further information on patching best practices and resources, please
see the following links:
|
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
|
Keywords: security idsconfig indexing nss_ldap getbymember nss_success nss_dbop_group_bymember core ldap_cachemgr hang password native dsconf pwd-strong-check-enabled nscd nsswitch nss foreign backends
Synopsis: Obsoleted by: 141031-05 SunOS 5.10_x86: Native LDAP, PAM, name-service-switch patch
Date: Aug/14/2009
Install Requirements: After installing this patch on an active boot environment, the system will be in a potentially inconsistent state until a reboot is performed. Unless
otherwise specified in the Special Install Instructions below, it is normally safe to apply further patches prior to initiating the reboot due to the relatively small footprint of the patch utilities. Normal operations must not be resumed until after the reboot is performed.
Use Single User Mode (run level S) when installing this patch on an active boot environment. An alternative may be specified in the Special Install Instructions.
Solaris Release: 10_x86
SunOS Release: 5.10_x86
Unbundled Product:
Unbundled Release:
Xref: This patch available for SPARC as patch 138874
Topic: SunOS 5.10_x86: Native LDAP, PAM, name-service-switch patch
Relevant Architectures: i386
Bugs fixed with this patch:
Changes incorporated in this version: 6805959
Patches accumulated and obsoleted by this patch: 138047-02 138264-03 139505-01 139569-01 140108-01 140127-01 140145-01 140147-01 140166-01 140168-01 140392-03
Patches which conflict with this patch:
Patches required with this patch: 118855-36 120012-14 127128-11 137138-09 (or greater)
Obsoleted by: 141031-05
Files included with this patch:
/lib/amd64/nss_dns.so.1
/lib/amd64/nss_nisplus.so.1
/lib/nss_dns.so.1
/lib/nss_nisplus.so.1
/usr/bin/passwd
/usr/lib/amd64/libsldap.so.1
/usr/lib/amd64/llib-lpasswdutil.ln
/usr/lib/amd64/nss_ldap.so.1
/usr/lib/amd64/passwdutil.so.1
/usr/lib/ldap/idsconfig
/usr/lib/ldap/ldap_cachemgr
/usr/lib/libsldap.so.1
/usr/lib/llib-lpasswdutil.ln
/usr/lib/nss_ldap.so.1
/usr/lib/passwdutil.so.1
/usr/sbin/ldapaddent
/usr/sbin/ldapclient
/usr/sbin/nscd
Problem Description:
6805959 per-user nscd doesn't reap child processes after these exited, such child processes remain as zombies
(from 138875-04)
4904603 disable ldaplist to not show userpassword attribute or just user logged in
6615693 nscd only checks the file_dac_read check privilege and not the euid for access to the shadow file
(from 138875-03)
4622166 ldapaddent does not escape some special characters in DN for exec_attr, services and tnrhtp database
6844186 fix for 6715843 incomplete in Solaris 10 patch gate
(from 138875-02)
4796766 idsconfig and ldapaddent should support project database
6329516 unlimited password guesses allowed
6509374 idsconfig doesn't create container for projects
6580192 nss_ldap: __ns_ldap_endEntry() called twice by top_down_search()
6677547 Native LDAP client to disable vlv searches for netgroups
6715171 nss_ldap and passwdutil do not support all shadowAccount attributes
6715843 ldapaddent is not accepting a one character entry for the tnrhtp file
6797378 'ldapaddent -d passwd' does not print 'x' for the password field
(from 138875-01)
6561249 idsconfig prints out incorrect information for VLV indexing when run against DS5.2 & 6.0
(from 140108-01)
This revision accumulates generic Sustaining patch 139569-01
into Solaris S10U7 update.
(from 139569-01)
6585350 nss_nisplus: getbymember() does not follow NSS_DBOP_GROUP_BYMEMBER protocol
6669386 nss_ldap getbymember always returns NSS_SUCCESS
(from 140127-01)
This revision accumulates generic Sustaining patch 139505-01
into Solaris S10U7 update.
(from 139505-01)
6493513 changing password (in files repository) dumps core when libumem is in effect
(from 140166-01)
This revision accumulates generic Sustaining patch 140145-01
into Solaris S10U7 update.
(from 140145-01)
6774895 Solaris 10 ldap_cachemgr hang
(from 140168-01)
This revision accumulates generic Sustaining patch 140147-01
into Solaris S10U7 update.
(from 140147-01)
6740474 confusing 'password too short' message from Native LDAP
(from 140392-03)
6699250 nscd core dumps in NIS do_getent
6741305 nscd core file genererated during storage pool reconfig
(from 140392-02)
6633347 nscd (sparks) can give inconsistent name resolution if started without a resolv.conf file
(from 140392-01)
This revision accumulates generic Sustaining patch 138264-03
into Solaris S10U7 update.
(from 138264-03)
6737284 nscd does not return NSS_TRYLOCAL for foreign NSS backends for enumerated searches when using compat
6740382 nscd needs improved permission checking
(from 138264-02)
This revision accumulates generic Sustaining patch 138047-02
into Solaris S10U6 update.
(from 138264-01)
This revision accumulates generic Sustaining patch 138047-01
into Solaris S10U6 update.
(from 138047-02)
6537549 nscd dies with SIGPIPE
(from 138047-01)
6636228 foreign NSS backends, nscd does not return NSS_TRYLOCAL when processing getgroupsbymember
6644077 nscd rejects foreign nsswitch backends
Patch Installation Instructions:
--------------------------------
Please refer to the man pages for instructions on using 'patchadd'
and 'patchrm' scripts provided with Solaris.
The following example installs a patch to a standalone machine:
example# patchadd /var/spool/patch/123456-07
The following example removes a patch from a standalone system:
example# patchrm 123456-07
For additional examples please see the appropriate man pages. Any
other special or non-generic installation instructions should be
described below as special instructions.
Special Install Instructions:
-----------------------------
NOTE 1: Before installing this patch, please be sure to install the latest
patch utilities patches for your OS. This list of patches is defined
at http://sunsolve.sun.com
Please use the pull down list which appears after the text:
"Latest Patch Update: To ensure the correct functioning of the
patching utilities on your system, stay up to date on the
following patches"
README -- Last modified date: Saturday, November 10, 2012